SRX Services Gateway
SRX Services Gateway

enaling ssh service on loopback interface in srx1500

‎02-25-2017 01:47 AM

Hi all,

 

i want to configure ssh service on my loopback interface in srx1500.i put this interface in trust zone and enabled services all and protocols all on this zones.and beside that i enabled services all and protocols all on this intrface as well.but whenever i access it through ssh , the putty doesnt respond me .any idea about it....pls share

8 REPLIES 8
SRX Services Gateway

Re: enaling ssh service on loopback interface in srx1500

‎02-25-2017 01:54 AM

Hi,

 

Please check if ssh is configured under system services.

If not,

set system services ssh

 

 

Shailesh
[KUDOS PLEASE! If you think I earned it!
If this solution worked for you please flag my post as an "Accepted Solution" so others can benefit..]
SRX Services Gateway

Re: enaling ssh service on loopback interface in srx1500

‎02-25-2017 02:06 AM

yes bro ssh is configured but still it i cannot access it

SRX Services Gateway

Re: enaling ssh service on loopback interface in srx1500

‎02-25-2017 02:06 AM

Hi,

 

You also need to check if you have the security policy for the traffic allowed or not.

As shailesh said you need to have the system services also enabled for the devise to respond for the SSH.

 

 

Thanks,

Guru

 

SRX Services Gateway

Re: enaling ssh service on loopback interface in srx1500

‎02-25-2017 02:09 AM

yes bro security policy is configured as well .in which source any destination any and application any is enabled but still it doesn't respond ssh access .i am confused that what else is left...

SRX Services Gateway

Re: enaling ssh service on loopback interface in srx1500

‎02-25-2017 02:11 AM

could any pls share a complete configuration on this scenario so that i may be able to get help .....

 

 

Thanks in advance to all contributors in this forum from my side 

 

 

 

Regards,,

 

Asif Khan

SRX Services Gateway

Re: enaling ssh service on loopback interface in srx1500

‎02-25-2017 03:55 AM

Is the loopback address reachable on the network you are connecting from?

 

When you ping and trace route to the loopback address does it respond to ping and go the expected direction.

 

For self traffic you don't normally need a security policy but if you do setup policies for self traffic you would use the junos-host zone as the to-zone to establish the restrictions.  Without a junos-host policy the services / protocols enable on the zone host inbound services are simply allowed from everywhere.

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
SRX Services Gateway

Re: enaling ssh service on loopback interface in srx1500

‎02-25-2017 07:19 AM
it would be easier if you share your config
Thanks,
Suraj
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too
SRX Services Gateway

Re: enaling ssh service on loopback interface in srx1500

‎02-26-2017 01:35 AM

Hi Asif,

 

Please also check if you have any firewall filter configured on the SRX to protect the RE and it has the SSH allowed from the subnet that you are initiating traffic from.

 

Suggest you to share the configuration so that we could help you.

 

Regards,

Guru Prasad